Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/hrehDMyiypnBq4mZ0sGNExNHTe8.roa
File: hrehDMyiypnBq4mZ0sGNExNHTe8.roa (raw, json)
Hash identifier: w7fG/7wFxYIOlX3Wcp9symnxFo01bga+YzGzEKLEH+Q=
Subject key identifier: 86:B7:A1:0C:CC:A2:CA:99:C1:AB:89:99:D2:C1:8D:13:13:47:4D:EF
Certificate issuer: /CN=3680651aba066b4084a7ed20d7f5201b2296c197
Certificate serial: 0193634200D73EF74AC41974C38F920C5E7C
Authority key identifier: 36:80:65:1A:BA:06:6B:40:84:A7:ED:20:D7:F5:20:1B:22:96:C1:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NoBlGroGa0CEp-0g1_UgGyKWwZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/hrehDMyiypnBq4mZ0sGNExNHTe8.roa
Signing time: Mon 25 Nov 2024 12:18:10 +0000
ROA not before: Mon 25 Nov 2024 12:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35725
IP address blocks: 89.33.32.0/21 maxlen: 21
89.33.48.0/21 maxlen: 21
178.138.0.0/16 maxlen: 16
178.138.0.0/18 maxlen: 18
178.138.1.0/24 maxlen: 24
178.138.32.0/22 maxlen: 22
178.138.38.0/24 maxlen: 24
178.138.39.0/24 maxlen: 24
178.138.40.0/23 maxlen: 23
178.138.42.0/24 maxlen: 24
178.138.43.0/24 maxlen: 24
178.138.62.0/24 maxlen: 24
178.138.96.0/22 maxlen: 22
178.138.96.0/23 maxlen: 23
178.138.98.0/23 maxlen: 23
178.138.104.0/24 maxlen: 24
178.138.126.0/23 maxlen: 23
178.138.192.0/23 maxlen: 23
178.138.194.0/23 maxlen: 23
193.104.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 12:27:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:42:00:d7:3e:f7:4a:c4:19:74:c3:8f:92:0c:5e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3680651aba066b4084a7ed20d7f5201b2296c197
Validity
Not Before: Nov 25 12:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86b7a10ccca2ca99c1ab8999d2c18d1313474def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:29:a3:23:55:8f:d6:11:1a:a6:7a:4a:b0:d9:
a6:e9:37:74:4b:80:c4:ec:2c:53:a0:34:f0:b4:2b:
59:b5:42:a8:21:45:6b:65:cc:38:77:86:70:9c:da:
af:28:26:a0:8c:8a:00:ac:90:c7:d1:39:f9:8b:68:
73:f2:51:09:2e:f9:d3:12:f1:45:a4:e9:c0:35:ac:
87:0e:b0:28:95:58:58:36:69:76:c6:52:b5:9f:a3:
46:ad:5f:85:7f:9a:7c:ee:db:48:e4:86:f7:2b:41:
86:66:bb:48:6b:7a:8e:f9:bc:54:7a:b7:f4:21:1e:
61:50:3d:15:38:c0:9c:78:ea:ba:9c:94:37:fc:78:
a2:5f:e3:6d:10:7b:eb:4f:1d:1c:61:ee:e0:4c:68:
ae:f8:c0:12:e9:3c:58:04:55:22:fa:33:c4:c7:89:
f2:02:dc:85:64:1a:5b:34:50:5d:67:d3:0c:fc:e9:
3f:94:99:24:59:75:56:ea:41:b6:90:e2:63:c7:d4:
df:f9:b6:b4:4a:d1:5c:c3:41:a4:58:29:93:a4:79:
9f:43:fc:c0:b8:07:92:35:32:e3:ed:e0:69:7e:a6:
22:c8:c5:b7:09:ea:de:b8:8e:33:17:07:e6:b0:43:
b0:ed:b2:83:f3:34:15:21:1e:b8:fb:c9:7c:28:da:
37:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B7:A1:0C:CC:A2:CA:99:C1:AB:89:99:D2:C1:8D:13:13:47:4D:EF
X509v3 Authority Key Identifier:
keyid:36:80:65:1A:BA:06:6B:40:84:A7:ED:20:D7:F5:20:1B:22:96:C1:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NoBlGroGa0CEp-0g1_UgGyKWwZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/hrehDMyiypnBq4mZ0sGNExNHTe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/NoBlGroGa0CEp-0g1_UgGyKWwZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.32.0/21
89.33.48.0/21
178.138.0.0/16
193.104.247.0/24
Signature Algorithm: sha256WithRSAEncryption
90:27:ad:d1:a7:a6:93:7f:cd:7c:fd:0f:e0:9c:d1:a1:99:3f:
be:8b:78:f7:2f:e4:09:d0:a1:41:29:f6:62:29:32:d3:2e:e6:
65:04:2c:25:3b:7f:2e:57:59:6f:44:cc:48:80:8f:48:20:64:
18:d8:8a:9f:63:1d:31:39:7f:13:99:e5:4a:e6:04:e9:73:ca:
14:7c:69:cb:0e:9a:31:0b:94:1d:72:8a:dd:b0:1e:bb:85:0f:
8c:b3:42:1f:c8:bc:14:50:a7:c5:15:4c:83:48:d6:98:3d:08:
61:ca:9c:44:d9:3c:5e:a7:d9:c9:31:6b:19:83:6f:b3:b8:77:
77:12:6a:4b:64:55:0c:c4:01:30:80:4e:99:03:c9:e4:4e:9e:
c6:f3:cc:0d:38:12:d1:56:4f:22:8d:91:cd:16:f3:29:e1:bb:
1d:e0:e5:b4:3a:be:5f:8a:80:da:8b:19:36:51:6d:2e:6a:1d:
fc:15:06:b8:9f:5c:78:63:e3:7a:a0:ed:83:66:ea:b9:05:50:
70:41:a0:0a:e0:bd:70:08:c9:0b:dc:5d:65:2a:5c:ac:d0:e3:
5b:6d:85:98:17:f7:77:4e:6a:8a:15:ba:54:04:65:ab:df:93:
44:fa:f3:4a:a0:c2:3a:b1:5a:47:f8:21:16:05:2f:13:1f:5c:
6f:c3:09:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZNjQgDXPvdKxBl0w4+SDF58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ODA2NTFhYmEwNjZiNDA4NGE3ZWQyMGQ3ZjUyMDFiMjI5
NmMxOTcwHhcNMjQxMTI1MTIxODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmI3YTEwY2NjYTJjYTk5YzFhYjg5OTlkMmMxOGQxMzEzNDc0ZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApimjI1WP1hEapnpKsNmm6Td0S4DE
7CxToDTwtCtZtUKoIUVrZcw4d4ZwnNqvKCagjIoArJDH0Tn5i2hz8lEJLvnTEvFF
pOnANayHDrAolVhYNml2xlK1n6NGrV+Ff5p87ttI5Ib3K0GGZrtIa3qO+bxUerf0
IR5hUD0VOMCceOq6nJQ3/HiiX+NtEHvrTx0cYe7gTGiu+MAS6TxYBFUi+jPEx4ny
AtyFZBpbNFBdZ9MM/Ok/lJkkWXVW6kG2kOJjx9Tf+ba0StFcw0GkWCmTpHmfQ/zA
uAeSNTLj7eBpfqYiyMW3CereuI4zFwfmsEOw7bKD8zQVIR64+8l8KNo3nwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIa3oQzMosqZwauJmdLBjRMTR03vMB8GA1UdIwQY
MBaAFDaAZRq6BmtAhKftINf1IBsilsGXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm9CbEdyb0dhMENFcC0wZzFfVWdHeUtXd1pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9kMTBiOTQtNDEwNS00NWUyLWE3MDct
NTIyNGNmMTNmNTg2LzEvaHJlaERNeWl5cG5CcTRtWjBzR05FeE5IVGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9kMTBiOTQtNDEwNS00NWUyLWE3MDctNTIyNGNmMTNmNTg2
LzEvTm9CbEdyb0dhMENFcC0wZzFfVWdHeUtXd1pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwQDWSEgAwQD
WSEwAwMAsooDBADBaPcwDQYJKoZIhvcNAQELBQADggEBAJAnrdGnppN/zXz9D+Cc
0aGZP76LePcv5AnQoUEp9mIpMtMu5mUELCU7fy5XWW9EzEiAj0ggZBjYip9jHTE5
fxOZ5UrmBOlzyhR8acsOmjELlB1yit2wHruFD4yzQh/IvBRQp8UVTINI1pg9CGHK
nETZPF6n2ckxaxmDb7O4d3cSaktkVQzEATCATpkDyeROnsbzzA04EtFWTyKNkc0W
8ynhux3g5bQ6vl+KgNqLGTZRbS5qHfwVBrifXHhj43qg7YNm6rkFUHBBoArgvXAI
yQvcXWUqXKzQ41tthZgX93dOaooVulQEZavfk0T680qgwjqxWkf4IRYFLxMfXG/D
CWs=
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:56:25 2025 by rpki-client